teammode

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local git commands to manage worktrees and merge branches using node:child_process.spawnSync in scripts/team-worktree.mjs. This implementation uses an argument array, which avoids shell injection vulnerabilities.
  • [COMMAND_EXECUTION]: The SKILL.md file instructs the agent to execute a bundled Node.js script (scripts/team.mjs) to manage team state. This is a standard pattern for skills that require local logic execution.
  • [COMMAND_EXECUTION]: Robust input validation is implemented. Identifiers such as sessionId and memberId are validated against strict regular expressions (SESSION_ID_PATTERN and MEMBER_ID_SEGMENT) before being used in file paths or shell commands.
  • [DATA_EXPOSURE]: The skill maintains local state in a .omo/teams/ directory. It implements security checks in scripts/team-state.mjs (mkdirNoSymlink and assertSafeTeamDir) to ensure file operations do not resolve through symbolic links that could lead to unauthorized directory access.
  • [PROMPT_INJECTION]: The skill generates instructions for team members based on user-provided strings (focus, deliverables). While this creates a surface for indirect prompt injection (Category 8), the risk is mitigated by the fact that the tool is intended for personal workflow orchestration, and the instructions are scoped to specific AI threads created by the user.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 23, 2026, 11:37 AM